From 9cc519f75d82cb4304c584ec40ca3044f1391530 Mon Sep 17 00:00:00 2001 From: Dave Arnold Date: Thu, 8 Aug 2024 19:40:41 -0400 Subject: [PATCH] updating --- linux.tf | 21 +++++++++++++++------ main.tf | 17 ++++++++++++++--- rhel.tf | 6 +----- windows.tf | 6 +----- 4 files changed, 31 insertions(+), 19 deletions(-) diff --git a/linux.tf b/linux.tf index 6cff4e7..9c5edaa 100644 --- a/linux.tf +++ b/linux.tf @@ -1,3 +1,7 @@ +moved { + from = module.main + to = module.amazon_linux +} module "amazon_linux" { source = "HappyPathway/image-pipeline/aws" @@ -18,7 +22,12 @@ module "amazon_linux" { type = "PLAINTEXT" } ] - packer_repo = data.aws_codecommit_repository.linux + packer_source_type = "S3" + packer_bucket = { + name = aws_s3_bucket.assets_bucket.bucket + key = "linux-image-pipeline.zip" + } + # packer_repo = data.aws_codecommit_repository.linux ansible_repo = data.aws_codecommit_repository.ansible goss_repo = data.aws_codecommit_repository.goss goss_profile = "base-test" @@ -32,11 +41,11 @@ output "linux_iam_arn" { value = module.amazon_linux.iam_arn } -output "linux_codebuild_user" { - value = module.amazon_linux.build_user.name -} - output "linux_parameters" { value = keys(module.amazon_linux.parameters) sensitive = true -} \ No newline at end of file +} + +output linux_bucket { + value = module.amazon_linux.s3_bucket +} diff --git a/main.tf b/main.tf index fac9b5d..715c85e 100644 --- a/main.tf +++ b/main.tf 
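Review bot: In linux.tf, the `module "amazon_linux"` build input now comes from one mutable S3 object (`key = "linux-image-pipeline.zip"`) instead of the CodeCommit repository, so anyone who can write that key controls what Packer bakes into the image. Nothing visible in this patch records which revision of the archive was built. The diff also shows no versioning, public-access block or bucket policy for `aws_s3_bucket.assets_bucket`; if these are not defined elsewhere, add them with the bucket before the pipeline reads from it. The commented-out `# packer_repo = data.aws_codecommit_repository.linux` is dead configuration and is better deleted, since version control already keeps it. The module block starts and ends outside the hunk.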
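Review bot: In linux.tf, the new `output linux_bucket {` has an unquoted label and no `description`, unlike the other outputs visible in this hunk. Writing it as `output "linux_bucket" {` with `description = "S3 bucket exposed by the amazon_linux image pipeline module"` keeps the file consistent. Whether `module.amazon_linux.s3_bucket` is a name or a whole object is not visible here, so confirm the output exposes only what consumers need.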
@@ -4,9 +4,17 @@ resource "aws_s3_bucket" "state_bucket" { bucket = "inf-test-${random_uuid.random.result}" } -resource "aws_s3_bucket_server_side_encryption_configuration" "state_bucket_encryption" { - bucket = aws_s3_bucket.state_bucket.bucket +resource "aws_s3_bucket" "assets_bucket" { + bucket = "image-pipeline-assets" +} + +resource "aws_s3_bucket_server_side_encryption_configuration" "state_bucket_encryption" { + for_each = tomap({ + state_bucket = aws_s3_bucket.state_bucket.bucket + assets_bucket = aws_s3_bucket.assets_bucket.bucket + }) + bucket = each.value rule { apply_server_side_encryption_by_default { sse_algorithm = "aws:kms" @@ -18,7 +26,10 @@ data "aws_iam_policy_document" "s3_access" { statement { effect = "Allow" actions = ["s3:*"] - resources = ["*"] + resources = [ + aws_s3_bucket.state_bucket.arn, + aws_s3_bucket.assets_bucket.arn + ] } } diff --git a/rhel.tf b/rhel.tf index 3aba4c1..5f7479f 100644 --- a/rhel.tf +++ b/rhel.tf @@ -32,11 +32,7 @@ output "rhel_iam_arn" { value = module.amazon_linux.iam_arn } -output "rhel_codebuild_user" { - value = module.amazon_linux.build_user.name -} - output "rhel_parameters" { value = keys(module.amazon_linux.parameters) sensitive = true -} \ No newline at end of file +} diff --git a/windows.tf b/windows.tf index c7834d3..b88b8f1 100644 --- a/windows.tf +++ b/windows.tf @@ -43,11 +43,7 @@ output "windows_iam_arn" { value = module.amazon_linux.iam_arn } -output "windows_codebuild_user" { - value = module.amazon_linux.build_user.name -} - output "windows_parameters" { value = keys(module.amazon_linux.parameters) sensitive = true -} \ No newline at end of file +}
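Review bot: In main.tf, adding `for_each` to the existing `aws_s3_bucket_server_side_encryption_configuration.state_bucket_encryption` changes its address to `state_bucket_encryption["state_bucket"]`, and with no `moved` block Terraform will normally plan to destroy and re-create the encryption configuration on the state bucket. The patch already uses `moved` for the module rename in linux.tf, and the same is wanted here (block below). Separately, `bucket = "image-pipeline-assets"` is a fixed name in a global namespace, whereas the state bucket gets a `random_uuid` suffix; creation fails if the name is already taken, and a suffix would avoid that. The encryption resource's body continues outside the hunk.

```hcl
moved {
  from = aws_s3_bucket_server_side_encryption_configuration.state_bucket_encryption
  to   = aws_s3_bucket_server_side_encryption_configuration.state_bucket_encryption["state_bucket"]
}
```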
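Review bot: In main.tf, the narrowed `resources` list in `data "aws_iam_policy_document" "s3_access"` names only the bucket ARNs, which match bucket-level actions but not object-level ones such as `s3:GetObject` and `s3:PutObject`. Reads of the packer archive or of state objects would therefore be denied under this policy. Add the object ARNs, `"${aws_s3_bucket.state_bucket.arn}/*",` and `"${aws_s3_bucket.assets_bucket.arn}/*"`, next to the bucket ARNs. `actions = ["s3:*"]` still allows deleting the buckets and rewriting their policies; narrowing it to the actions the policy's consumer actually needs would complete the least-privilege change. Which principal the policy is attached to is not visible in the hunk.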